author | Yves Fischer <yvesf-git@xapek.org> | 2018-11-26 01:35:11 +0100 |
---|---|---|
committer | Yves Fischer <yvesf-git@xapek.org> | 2018-11-26 01:35:11 +0100 |
commit | 3b89dc69da0f88cf8e2290523fa50656ac2ebb5d (patch) | |
tree | 105313b862ca7d8a123a37c279508081744a90d9 /src/totp.rs | |
download | nginx-auth-totp-3b89dc69da0f88cf8e2290523fa50656ac2ebb5d.tar.gz nginx-auth-totp-3b89dc69da0f88cf8e2290523fa50656ac2ebb5d.zip |
Proof of concept with totp
Diffstat (limited to 'src/totp.rs')
-rw-r--r-- | src/totp.rs | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/src/totp.rs b/src/totp.rs
new file mode 100644
index 0000000..09b4503
--- /dev/null
+++ b/src/totp.rs
@@ -0,0 +1,30 @@
+use oath::totp_custom_time;
+use oath::HashType;
+use std::time::{UNIX_EPOCH, SystemTime};
+
+pub fn verify(secret: &str, token: &str) -> Result<bool, &'static str> {
+ let time_step = 30;
+ let totp = |time| {
+ totp_custom_time(secret, 6, 0, time_step, time, &HashType::SHA512)
+ .map(|t| {
+ debug!("Generated OTP for probing {} for key {}", t, secret);
+ t
+ })
+ .map(|t| format!("{:06}", t) == *token)
+ };
+ let current_time: u64 = SystemTime::now().duration_since(UNIX_EPOCH)
+ .expect("Earlier than 1970-01-01 00:00:00 UTC").as_secs();
+ if current_time % time_step <= 5 && totp(current_time - 30)? {
+ return Ok(true);
+ }
+
+ if current_time % time_step >= 25 && totp(current_time + 30)? {
+ return Ok(true);
+ }
+
+ if totp(current_time)? {
+ return Ok(true);
+ }
+
+ Ok(false)
+}
\ No newline at end of file |
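Review bot: The `debug!` call inside the `totp` closure writes the shared TOTP secret and every freshly generated valid code to the log, so anyone with read access to debug output (log files, a log shipper, a support bundle) holds everything needed to pass this check for that key. Drop that `.map(|t| { debug!(...); t })` stage, or reduce it to a message without either value, e.g. `debug!("Generated OTP candidate for probing");`. The comparison `format!("{:06}", t) == *token` is ordinary string equality rather than a constant-time compare; the practical exposure is small for a six-digit code, but a fixed-time byte comparison is the safer default for an authentication check. The neighbouring-window offsets are written as the literal `30` in `current_time - 30` and `current_time + 30`; using `time_step` there keeps the skew window correct if the step is ever changed. Nothing in this file records an accepted code, so replay within the validity window would have to be prevented by the caller, which is not visible here.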